Thread: keys to the Kingdom
View Single Post
  #9 (permalink)  
Old 06-22-2006, 05:08 PM
Austin Lesea
Guest
  
Posts: n/a
Default Re: keys to the Kingdom
Thomas,

Yes, it is that cheap (and easy) to find and read efuses. If they had
used Actel's via fuse technology, it would be much, much harder, but
still do-able for a small number of vias. Of course, you would have to
know where to look. The poly efuse is huge, and is almost big enough to
see with the eye. An array of 128, or 256 has a big sign on it: "efuse
array right here!"

If you use the battery backed ram to store the key, the bitstream is
protected, not the device. Any regular unencrypted bitstream can be
loaded (or else how could you test your boards?).

The use of efuses to make it such that only a particular device is able
to load a particular bitsream is a requirement typical of the gaming
industry (slot machines). This is a feature that we are looking at
introducing in the future (if it does not compromise the higher level of
security).

As I said, I love efuses. They can be used for: serial numbers, lot
and process information, feature selection and control, device
identification, etc. You can even put a key in it, but make sure that
the key in a non-volatile memory is clearly stated as not being NIST
FIPS 140-2 compliant. There are customers for whom a low level of
security is just fine.

But for an IP company, placing my IP in such a low security device
invites every crypto student looking for a job, or a degree, to hack it.

Austin


Thomas Stanka wrote:
> Hi,
>
> Austin Lesea schrieb:
>
>> Just don't go advertising them to be more than they really are: a
>> convenient way to make it cost at least $5,000 to find the key.
>
> Is it that cheap today to open the die and observe the fuses?
> I have no idea, if (and how) Altera protected the key fuses against
> optical inspection of die cuts. But If your right, it would be very
> cheap to reengineer most Asics.
>
> BTW Am I right, that if I use a Xilinx with security inside a
> equipment, the chip could be highjacked (Chipmodded) by just removing
> the power supply of the keys and applieing a new bitstream?
> Which means the bitstream itself may be protected, but not the chip?
> Why did nobody combine software and fuse based technologies? It would
> be sufficient to have 128 bit (with secure algorithms) in SW and 128 in
> fuses.
>
> bye Thomas
>
Reply With Quote